In my last tutorial, we created an API that lets the user register and immediately logs the user in after registration. For this tutorial, we will be adding e-mail verification, unlike the previous tutorial, the user will have to confirm their email address before being able to log in.

A majority of the steps are similar with some minor adjustments, I will indicate this with an asterisks(*) after the title.

Please note that this tutorial assumes you have some PHP experience, this tutorial does not explain each line of the code instead it presents you with the code and gives you an overview of what the code does and points out the important parts of the code. I have made the code as simple as possible, if you have any questions, please do not hesitate to leave a comment.

We also need to publish the assets for this package. From the command line:

After you run this command you will see a new file in the config folder called jwt.php. This file contains settings for jwt-auth, one of which we need to change right away. We need to generate a secret key, from the command line, run:

php artisan jwt:generate

You’ll see that after running this command we get a new value next to’secret’ where “changeme” was before.

Register the jwt.auth and jwt.refresh middleware in app/http/Kernel.php

Step 3: Set Up Routes (*)

Open up routes/api.php.

routes/api.php

Open up routes/web.php and add the route for verifying.

routes/web.php

Step 4: Set Up Database (*)

Since we are going to allow users to create their accounts within the application, we will need a table to store all of our users. Thankfully, Laravel already ships with a migration to create a basic users table, so we do not need to manually generate one. The default migration for the users table is located in the database/migrations directory.

We need to create a new table and add an extra column to the users table. Firstly, we need a boolean field ‘is_verified’ to keep track of whether a user has verified their email address, this will be set to false by default.

Create a new table “user_verifications” this table will store the user’s verification code. When the user registers, a verification code is generated and stored in the table and an email with a verification link is sent.

When a user follows this link, we take the passed in verification code and search for it within the user_verifications table. If a matching verified code is found we set the is_verified field for this user to true.

php artisan make:migration create_user_verifications_table

The new migration file is created in the database/migrations directory.